From: joeyli <jlee@suse.com>
To: James Bottomley <James.Bottomley@parallels.com>
Cc: linux-kernel@vger.kernel.org
Subject: Re: UEFI Secure boot using qemu-kvm
Date: Thu, 28 Jun 2012 18:49:57 +0800 [thread overview]
Message-ID: <1340880597.6196.158.camel@linux-s257.site> (raw)
In-Reply-To: <d9f6fbce-f07a-4347-bce5-8fb20971944b@email.android.com>
於 四,2012-06-28 於 11:22 +0100,James Bottomley 提到:
>
> joeyli <jlee@suse.com> wrote:
>
> >Hi James,
> >
> >On Wed, Jun 27, 2012 at 06:34:05PM +0100, James Bottomley wrote:
> >
> >> The purpose of this email is to widen the pool of people who are
> >playing
> >> with UEFI Secure boot. The Linux Foundation Technical Advisory Board
> >> have been looking into this because it turns out to be rather
> >difficult
> >> to lay your hands on real UEFI Secure Boot enabled hardware.
> >
> >
> >I am following your approach to reproduce your UEFI environment with
> >qemu-kvm. After run qemu-system-x86_64 the kvm launched and go to UEFI
> >shell success. So far so good!
> >
> >But, I got a problem is the keyboard layout is not US keyboard, So I
> >need build a mapping table for reference when key-in any letter:
> >
> >[ e
> >/ x
> >s i
> >enter t
> >down enter
> >page up down
> >...
> >
> >
> >Did you meet this issue on your side?
>
> Well no. I've got a US keyboard. You probably need the keymap directory from qemu-kvm.
>
> The best thing is probably to copy all the qemu files to a new directory and then copy in the qemu-ovmf ones (assuming standard qemu-kvm works for you).
>
> James
Yes, I just found the problem happen on using SSH login to the machine
that have qemu-kvm and launch it with UEFI shell.
If I direct launch kvm on the machine, everything is OK!
I already import your PK.cer and KEK.cer and run
HelloWorld.efi/HelloWorld-signed.efi to verify the secure boot success.
When running non-signed file, shell show up:
Error reported: Access Denied
Thanks a lot for your document and RPMs on OBS, it's really useful to me
for verify secure boot.
Regards
Joey Lee
next prev parent reply other threads:[~2012-06-28 10:50 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-28 10:01 UEFI Secure boot using qemu-kvm joeyli
2012-06-28 10:22 ` James Bottomley
2012-06-28 10:49 ` joeyli [this message]
[not found] ` <CAGLnvc-hLpUZaaOkeWMRtYefwL5goxuWP_99FyAzem7s_mncPg@mail.gmail.com>
2012-06-28 10:24 ` Fwd: " joeyli
2012-06-30 16:21 ` joeyli
2012-07-12 22:17 ` Khalid Aziz
2012-07-19 9:41 ` James Bottomley
2012-07-19 15:55 ` Khalid Aziz
-- strict thread matches above, loose matches on Subject: below --
2012-06-27 17:34 James Bottomley
2012-06-27 18:15 ` Matthew Garrett
2012-06-27 19:35 ` James Bottomley
2012-06-27 19:38 ` Matthew Garrett
2012-06-27 19:53 ` James Bottomley
2012-06-27 20:01 ` Matthew Garrett
2012-06-28 18:36 ` Alex Elsayed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1340880597.6196.158.camel@linux-s257.site \
--to=jlee@suse.com \
--cc=James.Bottomley@parallels.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox